CVE-2023-45208

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 10, 2023

Updated: Oct 16, 2023

CWE ID 77

Summary

CVE-2023-45208 is a critical vulnerability affecting the D-Link DAP-X1860 repeater versions 1.00 through 1.01b05-01. The issue lies in the parsing_xml_stasurvey function within libcgifunc.so, which is exploitable through a command injection. Attackers can take advantage of this flaw during the repeater's setup process, executing shell commands as the root user, just by providing a crafted SSID. Additionally, network names containing single quotes can induce a denial of service.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

D LINK SYSTEMS INC

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s5qbcW
https://www.cve.org/CVERecord?id=CVE-2023-45208
https://nvd.nist.gov/vuln/detail/CVE-2023-45208

Back to Vulnerability Database

CVE-2023-45208

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations